Hackers Gain Access to Executives’ Password Manager Accounts, Siphon $200 Million In Bitcoin

newslogical.com 2020-06-29 10:20

A crypto hacker group has used spear-phishing to gain access to executives’ password manager accounts and siphon about 200 million USD in crypto from exchange accounts.

A sum of 200 million USD worth of Bitcoin has reportedly been moved from five different exchanges by a group of hackers, who allegedly used “spear-phishing” attacks to gain entry into the crypto exchanges.

Reports from ClearSky confirm that the hacker group is known as “CryptoCore” and is believed to have been targeting cryptocurrency exchanges, mainly in Japan and the US, since 2018.

ClearSky, however, believed that the “CryptoCore” hacker group must have operated from outside Eastern Europe, and that even though the gang has successfully hijacked $200 million within two years, it was persistent, swift and efficient rather than extremely advanced technologically.

How CryptoCore Hackers Access Crypto Wallets on Exchanges

The rogue gang began its attack with an “extensive reconnaissance phase against the company” and its employees. Entry into the exchange was gained through spear-phishing: emails were sent to an executive of the target exchange from a fake account posing as a high-profile employee. The fake account could resemble one belonging to the organization or its partner firms.

After successfully infiltrating the exchange, the hacker gang installed malware to gain access to the executive’s password manager account, a safe where all crypto wallet keys are stored. Once inside, the hackers drained all wallets at once.

Spear-Phishing Attack on YouTubers for Crypto Scamming

Spear-phishing is reportedly the most common method adopted by hackers to siphon funds from financial organizations. A huge spear-phishing campaign was witnessed by YouTube users at the beginning of 2020, robbing many YouTubers of their accounts. The scammers targeted YouTubers with a lot of subscribers and took over their accounts by getting them to click on dodgy links.

After gaining access to the account, the perpetrator deletes all of the owner’s videos and runs a live stream that features prominent crypto founders or investors. There, viewers are asked to send cryptocurrency to a stated wallet, with the promise that double the amount will be sent back.

The scam was indeed successful: one such stream featured Elon Musk, and within two months about 2 million USD was raked in. Nevertheless, siphoning off funds from crypto exchanges seems worse than any other form of hacking.